Snort mailing list archives

Re: Error opening adapter...

From: "Thomas Schweikle" <tschweikle () fiducia de>
Date: Wed, 10 Apr 2002 13:57:53 +0200

Hi again!



Gesendet von:   snort-users-admin () lists sourceforge net
An:     Thomas Schweikle <tschweikle () fiducia de>
Kopie:  <snort-users () lists sourceforge net> 
Thema:  Re: [Snort-users] Error opening adapter...

Try doing snort -W, that should list all interfaces on the win2k box.

It might be that the winpcap drivers didn't install correctly. I think
they are part of the Win32 Binary. I installed the Demarc package which
prompted me to install them.


Snort reports:
C:\Programme\Sourcefire\Snort>snort -W

-*> Snort! <*-
Version 1.8-WIN32 (Build 103)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
1.7-WIN32 Port By Michael Davis (mike () datanerds net, 
www.datanerds.net/~mike)
1.8-WIN32 Port By Chris Reid (chris.reid () codecraftconsultants com)
          (based on code from 1.7 port)

Interface       Device          Description
-------------------------------------------
1

While Windump reports:
C:\Programme\Sourcefire\Snort>WinDump.exe -I
WinDump.exe version 3.6.2, based on tcpdump version 3.6.2
WinPcap version 2.3, based on libpcap version 0.6.2
Usage: WinDump.exe [-adDeflnNOpqStuvxX] [-B size] [-c count] [ -F file ]
                [ -i interface ] [ -r file ] [ -s snaplen ]
                [ -T type ] [ -w file ] [ expression ]

C:\Programme\Sourcefire\Snort>WinDump.exe -D
1.\Device\Packet_NdisWanIp (NdisWan Adapter)
2.\Device\Packet_{5BC31604-E275-414E-BD56-2148A5A8E12A} (VMware Virtual 
Ethernet Adapter)
3.\Device\Packet_{FE4BF7F3-900F-47E4-9235-462257F7EBE5} (VMware Virtual 
Ethernet Adapter)
4.\Device\Packet_{6C6F6BA3-A548-4182-9929-AB7B3F9A2BBA} (CardBus Fast 
Ethernet Adapter)
5.\Device\Packet_{2B938C4F-9A6C-47DB-827A-DD409B781A7D} (MS LoopBack 
Driver)

If adapter numbers match, Snort seems to only see the WAN-Adapter. Any 
further tests I could do?

I am unable to start Snort on my Win2K box. I'll receive an error

opening

the network device:

C:\Programme\Sourcefire\Snort>snort -dev -l d:\Log\Snort -c
c:\Programme\Sourcefire\Snort\snort.conf -h 10.2.107.198/32
Log directory = d:\Log\Snort

Initializing Network Interface
ERROR: OpenPcap() device  open:
        Error opening adapter
Fatal Error, Quitting..

Windump does work.
Any idea what I could do?

Version 1.8-WIN32 (Build 103)
WinPCap 2.3
windump version 3.6.2, based on tcpdump version 3.6.2

-- 
Thomas


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Error opening adapter... Thomas Schweikle (Apr 09)
- Re: Error opening adapter... secsnort (Apr 09)
- <Possible follow-ups>
- Re: Error opening adapter... Thomas Schweikle (Apr 10)